Why I have Multicast Looped on my Forigate even the second interface not join any Firewall switch?

Potato168 · ‎02-18-2025

Dear all,

Please have a look at the following Lab.

We have a Windows NLB using Multicast across one Server only.

The NLB virtual IP is 192.168.169.25/24, and the real server behind the NLB is 192.168.169.24

The Server just connected to a Cisco switch without special configuration, even no vlan and IP on the switch. The spanning is enabled as RSTP to prevent looped.

The Fortigate wan1 connected to the the same switch to allow access from/to the Server as well.

At this moment, everything is working fine and the ping result likes this:

Now, let's try connecting the HA1 interface to the switch:

Why numerous Dup! message come up to my Fortigate even the HA1 is a standalone interface without joining any Firewall software/hardware/Vlan switch?

Firewall interface.png

AEK · ‎02-19-2025

Hi Potato

What happens if you replace the Windows server by a simple client with the same address? Is it the same behavior?

AEK

Potato168 · ‎02-24-2025

Make it simple, if we ping the real server IP "192.168.169.24", there is no issue as well.

Potato168 · ‎03-04-2025

No One know the Mcast loop issue?

AEK · ‎03-05-2025

I didn't face such issue before but after some research I think it has sometming to do with multicast forwarding. I mean probably when you connect the fortigate to the same segment it forwards the multicast packet to the other interface and it creates a loop.

https://docs.fortinet.com/document/fortigate/7.6.2/administration-guide/968606/configuring-multicast...

AEK

Potato168 · ‎04-13-2025

But the multicast forwarding is disabled and never enabled.

I wonder that is NPU level issue?

Why I have Multicast Looped on my Forigate even the second interface not join any Firewall switch?

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website